feat(api): profil machine éditable, sonde, et réglages globaux apt-cacher-ng

- machines : updateMachine (PATCH /machines/:id) + POST /machines/:id/probe (sonde synchrone → faits + proposition de correction) ; MachineView expose machineKind/virtualization ; CreateMachineInput accepte aptProxyMode persistent - app_settings (clé/valeur, migration 0006) + service appSettings : défaut apt-cacher-ng (mode + url) ; applyProxyToAllMachines - routes /settings : GET, PUT /apt-proxy, POST /apt-proxy/apply-all Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-06 07:53:47 +02:00
parent 0ab6b1d392
commit 2b684da9cd
10 changed files with 2366 additions and 5 deletions
@@ -0,0 +1,5 @@
+CREATE TABLE `app_settings` (
+	`key` text PRIMARY KEY NOT NULL,
+	`value` text,
+	`updated_at` text NOT NULL
+);
@@ -43,6 +43,13 @@
      "when": 1780718324238,
      "tag": "0005_silent_drax",
      "breakpoints": true
+    },
+    {
+      "idx": 6,
+      "version": "6",
+      "when": 1780724800966,
+      "tag": "0006_many_northstar",
+      "breakpoints": true
    }
  ]
 }
@@ -312,3 +312,10 @@ export const actionRequests = sqliteTable("action_requests", {
  executionId: text("execution_id"),
  expiresAt: text("expires_at"),
 });
+
+// Réglages globaux de l'application (clé/valeur). Ex. proxy APT par défaut.
+export const appSettings = sqliteTable("app_settings", {
+  key: text("key").primaryKey(),
+  value: text("value"),
+  updatedAt: text("updated_at").notNull(),
+});
@@ -5,6 +5,7 @@ import { actionsRoutes } from "./actions.js";
 import { actionRequestsRoutes } from "./actionRequests.js";
 import { dockerRoutes } from "./docker.js";
 import { dbRoutes } from "./db.js";
+import { settingsRoutes } from "./settings.js";
 import { getServerCapabilities } from "../services/capabilities.js";
 import { getSystemMetrics, getSystemStatus } from "../services/system.js";

@@ -13,6 +14,7 @@ api.get("/capabilities", (c) => c.json(getServerCapabilities()));
 api.get("/system/status", (c) => c.json(getSystemStatus()));
 api.get("/system/metrics", (c) => c.json(getSystemMetrics()));
 api.route("/system/db", dbRoutes);
+api.route("/settings", settingsRoutes);
 api.route("/machines", machinesRoutes);
 api.route("/machines", actionsRoutes);
 api.route("/machines", dockerRoutes);
@@ -1,10 +1,11 @@
 // server/routes/machines.ts
 import { Hono } from "hono";
 import {
-  listMachines, createMachine, deleteMachine, getMachineRow, getCreds, testConnection,
-  type CreateMachineInput,
+  listMachines, createMachine, deleteMachine, updateMachine, getMachineRow, getCreds, testConnection,
+  type CreateMachineInput, type UpdateMachineInput,
 } from "../services/machines.js";
 import { refreshMachine, getLatestSnapshot } from "../services/refresh.js";
+import { runProbe } from "../services/machineProbe.js";

 export const machinesRoutes = new Hono();

@@ -43,6 +44,25 @@ machinesRoutes.post("/:id/refresh", async (c) => {
  }
 });

+machinesRoutes.patch("/:id", async (c) => {
+  const body = (await c.req.json()) as UpdateMachineInput;
+  try {
+    return c.json(updateMachine(c.req.param("id"), body));
+  } catch (err) {
+    return c.json({ error: (err as Error).message }, 400);
+  }
+});
+
+// Sonde synchrone (lecture seule) : renvoie faits + proposition de correction.
+machinesRoutes.post("/:id/probe", async (c) => {
+  try {
+    const o = await runProbe(c.req.param("id"));
+    return c.json({ probe: o.probe, proposal: o.proposal, changes: o.changes });
+  } catch (err) {
+    return c.json({ error: (err as Error).message }, 400);
+  }
+});
+
 machinesRoutes.delete("/:id", (c) => {
  deleteMachine(c.req.param("id"));
  return c.json({ ok: true });
@@ -0,0 +1,24 @@
+// server/routes/settings.ts
+import { Hono } from "hono";
+import { getDefaultAptProxy, setDefaultAptProxy, type DefaultAptProxy } from "../services/appSettings.js";
+import { applyProxyToAllMachines } from "../services/machines.js";
+
+export const settingsRoutes = new Hono();
+
+// Réglages globaux exposés à l'UI.
+settingsRoutes.get("/", (c) => c.json({ defaultAptProxy: getDefaultAptProxy() }));
+
+// Définit le proxy APT par défaut (apt-cacher-ng).
+settingsRoutes.put("/apt-proxy", async (c) => {
+  const body = (await c.req.json()) as DefaultAptProxy;
+  const mode = body.mode ?? "direct";
+  const url = (body.url ?? "").trim() || null;
+  return c.json(setDefaultAptProxy({ mode, url }));
+});
+
+// Applique le proxy par défaut à toutes les machines existantes.
+settingsRoutes.post("/apt-proxy/apply-all", (c) => {
+  const { mode, url } = getDefaultAptProxy();
+  const updated = applyProxyToAllMachines(mode, url);
+  return c.json({ ok: true, updated });
+});
@@ -0,0 +1,43 @@
+// server/services/appSettings.ts
+import { db, schema } from "../db/client.js";
+import type { AptProxyMode } from "@shared/types.js";
+
+export const SETTING_KEYS = {
+  defaultAptProxyUrl: "default_apt_proxy_url",
+  defaultAptProxyMode: "default_apt_proxy_mode",
+} as const;
+
+export function getAllSettings(): Record<string, string> {
+  return Object.fromEntries(
+    db.select().from(schema.appSettings).all().map((r) => [r.key, r.value ?? ""]),
+  );
+}
+
+export function setSettings(patch: Record<string, string | null>): void {
+  const now = new Date().toISOString();
+  for (const [key, value] of Object.entries(patch)) {
+    db.insert(schema.appSettings)
+      .values({ key, value, updatedAt: now })
+      .onConflictDoUpdate({ target: schema.appSettings.key, set: { value, updatedAt: now } })
+      .run();
+  }
+}
+
+export interface DefaultAptProxy {
+  mode: AptProxyMode;
+  url: string | null;
+}
+
+export function getDefaultAptProxy(): DefaultAptProxy {
+  const s = getAllSettings();
+  const mode = (s[SETTING_KEYS.defaultAptProxyMode] as AptProxyMode) || "direct";
+  return { mode, url: s[SETTING_KEYS.defaultAptProxyUrl] || null };
+}
+
+export function setDefaultAptProxy(input: DefaultAptProxy): DefaultAptProxy {
+  setSettings({
+    [SETTING_KEYS.defaultAptProxyMode]: input.mode,
+    [SETTING_KEYS.defaultAptProxyUrl]: input.url ?? "",
+  });
+  return getDefaultAptProxy();
+}
@@ -5,7 +5,7 @@ import { db, schema } from "../db/client.js";
 import { encryptSecret, decryptSecret } from "../crypto/secrets.js";
 import { env } from "../env.js";
 import { runPlain, type SshCreds } from "../ssh/client.js";
-import type { MachineView, OsFamily } from "@shared/types.js";
+import type { AptProxyMode, MachineKind, MachineView, OsFamily } from "@shared/types.js";
 import { writeCredentials, readCredentials, resolveCreds } from "./credentials.js";

 export interface CreateMachineInput {
@@ -15,7 +15,7 @@ export interface CreateMachineInput {
  username: string;
  password: string;
  sudoPassword?: string | null;
-  aptProxyMode?: "direct" | "runtime";
+  aptProxyMode?: AptProxyMode;
  aptProxyUrl?: string | null;
 }

@@ -29,13 +29,37 @@ function toView(m: MachineRow): MachineView {
    port: m.port,
    osFamily: m.osFamily as OsFamily,
    username: m.username,
-    aptProxyMode: m.aptProxyMode as "direct" | "runtime",
+    aptProxyMode: m.aptProxyMode as AptProxyMode,
    aptProxyUrl: m.aptProxyUrl,
    status: m.status as MachineView["status"],
    lastCheckedAt: m.lastCheckedAt,
+    machineKind: (m.machineKind as MachineKind | null) ?? "unknown",
+    virtualization: m.virtualization,
  };
 }

+export interface UpdateMachineInput {
+  osFamily?: OsFamily;
+  machineKind?: MachineKind;
+  virtualization?: string | null;
+  aptProxyMode?: AptProxyMode;
+  aptProxyUrl?: string | null;
+}
+
+/** Met à jour les champs de profil/proxy d'une machine (jamais les secrets). */
+export function updateMachine(id: string, input: UpdateMachineInput): MachineView {
+  const row = getMachineRow(id);
+  if (!row) throw new Error("Machine introuvable");
+  const patch: Partial<MachineRow> = { updatedAt: new Date().toISOString() };
+  if (input.osFamily !== undefined) patch.osFamily = input.osFamily;
+  if (input.machineKind !== undefined) patch.machineKind = input.machineKind;
+  if (input.virtualization !== undefined) patch.virtualization = input.virtualization;
+  if (input.aptProxyMode !== undefined) patch.aptProxyMode = input.aptProxyMode;
+  if (input.aptProxyUrl !== undefined) patch.aptProxyUrl = input.aptProxyUrl;
+  db.update(schema.machines).set(patch).where(eq(schema.machines.id, id)).run();
+  return toView(getMachineRow(id)!);
+}
+
 export function getCreds(m: MachineRow): SshCreds {
  const key = env.requireMasterKey();
  const { encPassword, encSudoPassword } = resolveCreds(
@@ -121,3 +145,12 @@ export async function createMachine(input: CreateMachineInput): Promise<MachineV
 export function deleteMachine(id: string): void {
  db.delete(schema.machines).where(eq(schema.machines.id, id)).run();
 }
+
+/** Applique un proxy APT à toutes les machines. Renvoie le nombre de machines modifiées. */
+export function applyProxyToAllMachines(mode: AptProxyMode, url: string | null): number {
+  const res = db
+    .update(schema.machines)
+    .set({ aptProxyMode: mode, aptProxyUrl: url, updatedAt: new Date().toISOString() })
+    .run();
+  return res.changes;
+}
@@ -251,6 +251,9 @@ export interface MachineView {
  aptProxyUrl: string | null;
  status: MachineStatus;
  lastCheckedAt: string | null;
+  // Ajouts SJ-7 (optionnels, rétro-compatibles) :
+  machineKind?: MachineKind;
+  virtualization?: string | null;
 }

 /** Client API local/Hermes — ne contient jamais le token brut. */